Introduction

.01 This standard establishes requirements regarding the auditor's evaluation of a company's identification of, accounting for, and disclosure of relationships and transactions between the company and its related parties.1

Objective

.02 The objective of the auditor is to obtain sufficient appropriate audit evidence to determine whether related parties and relationships and transactions with related parties have been properly identified, accounted for, and disclosed in the financial statements.2

Performing Risk Assessment Procedures to Obtain an Understanding of the Company's Relationships and Transactions with Its Related Parties

.03 The auditor should perform procedures to obtain an understanding of the company's relationships and transactions with its related parties that might reasonably be expected to affect the risks of material misstatement of the financial statements in conjunction with performing risk assessment procedures in accordance with AS 2110, Identifying and Assessing Risks of Material Misstatement. The procedures performed to obtain an understanding of the company's relationships and transactions with its related parties include:

Obtaining an understanding of the company's process (paragraph .04);

Performing inquiries (paragraphs .05-.07); and

Communicating with the audit engagement team and other auditors (paragraphs .08-.09).

Note: Obtaining an understanding of the company's relationships and transactions with its related parties includes obtaining an understanding of the nature of the relationships between the company and its related parties and of the terms and business purposes (or the lack thereof) of the transactions involving related parties.

Note: Performing the risk assessment procedures described in paragraphs .04-.09 of this standard in conjunction with the risk assessment procedures required by AS 2110 is intended to provide the auditor with a reasonable basis for identifying and assessing risks of material misstatement associated with related parties and relationships and transactions with related parties.

Obtaining an Understanding of the Company's Process

.04 In conjunction with obtaining an understanding of internal control over financial reporting, the auditor should obtain an understanding of the company's process for:3

Identifying related parties and relationships and transactions with related parties;

Authorizing and approving transactions with related parties; and

Accounting for and disclosing relationships and transactions with related parties in the financial statements.

The nature of any relationships, including ownership structure, between the company and its related parties;

The transactions entered into, modified, or terminated, with its related parties during the period under audit and the terms and business purposes (or the lack thereof) of such transactions;

The business purpose for entering into a transaction with a related party versus an unrelated party;

Any related party transactions that have not been authorized and approved in accordance with the company's established policies or procedures regarding the authorization and approval of transactions with related parties; and

Any related party transactions for which exceptions to the company's established policies or procedures were granted and the reasons for granting those exceptions.

.06 The auditor should inquire of others within the company regarding their knowledge of the matters in paragraph .05 of this standard. The auditor should identify others within the company5 to whom inquiries should be directed, and determine the extent of such inquires, by considering whether such individuals are likely to have knowledge regarding:

The company's related parties or relationships or transactions with related parties;

The company's controls over relationships or transactions with related parties; and

The existence of related parties or relationships or transactions with related parties previously undisclosed to the auditor.6

.07 The auditor should inquire of the audit committee,7 or its chair, regarding:

The audit committee's understanding of the company's relationships and transactions with related parties that are significant to the company; and

Whether any member of the audit committee has concerns regarding relationships or transactions with related parties and, if so, the substance of those concerns.

Communicating with the Audit Engagement Team and Other Auditors

.08 The auditor should communicate to engagement team members relevant information about related parties, including the names of the related parties and the nature of the company's relationships and transactions with those related parties.8

.09 If the auditor is using the work of another auditor, the auditor should communicate to the other auditor relevant information about related parties, including the names of the company's related parties and the nature of the company's relationships and transactions with those related parties.9 The auditor also should inquire of the other auditor regarding the other auditor's knowledge of any related parties or relationships or transactions with related parties that were not included in the auditor's communications.

Identifying and Assessing Risks of Material Misstatement

.10 The auditor should identify and assess the risks of material misstatement at the financial statement level and the assertion level.10 This includes identifying and assessing the risks of material misstatement associated with related parties and relationships and transactions with related parties, including whether the company has properly identified, accounted for, and disclosed its related parties and relationships and transactions with related parties.

Note: In identifying and assessing the risks of material misstatement associated with related parties and relationships and transactions with related parties, the auditor should take into account the information obtained from performing the procedures in paragraphs .04-.09 of this standard and from performing the risk assessment procedures required by AS 2110.

Responding to the Risks of Material Misstatement

.11 The auditor must design and implement audit responses that address the identified and assessed risks of material misstatement.11 This includes designing and performing audit procedures in a manner that addresses the risks of material misstatement associated with related parties and relationships and transactions with related parties.12

Note: The auditor also should look to the requirements in paragraphs .66-.67A of AS 2401, Consideration of Fraud in a Financial Statement Audit, for related party transactions that are also significant unusual transactions (for example, significant related party transactions outside the normal course of business). For such related party transactions, AS 2401.67 requires that the auditor evaluate whether the business purpose (or the lack thereof) of the transactions indicates that the transactions may have been entered into to engage in fraudulent financial reporting or conceal misappropriation of assets.

Transactions with Related Parties Required to be Disclosed in the Financial Statements or Determined to be a Significant Risk

.12 For each related party transaction that is either required to be disclosed in the financial statementsor determined to be a significant risk, the auditor should:

Read the underlying documentation and evaluate whether the terms and other information about the transaction are consistent with explanations from inquiries and other audit evidence about the business purpose (or the lack thereof) of the transaction;

Determine whether the transaction has been authorized and approved in accordance with the company's established policies and procedures regarding the authorization and approval of transactions with related parties;

Determine whether any exceptions to the company's established policies or procedures were granted;13

Evaluate the financial capability of the related parties with respect to significant uncollected balances, loan commitments, supply arrangements, guarantees, and other obligations, if any;14 and

Perform other procedures as necessary to address the identified and assessed risks of material misstatement.

Note: The applicable financial reporting framework may allow the aggregation of similar related party transactions for disclosure purposes. If the company has aggregated related party transactions for disclosure purposes in accordance with the applicable financial reporting framework, the auditor may perform the procedures in paragraph .12 for only a selection of transactions from each aggregation of related party transactions (versus all transactions in the aggregation), commensurate with the risks of material misstatement.

Intercompany Accounts

.13 The auditor should perform procedures on intercompany account balances as of concurrent dates, even if fiscal years of the respective companies differ.

Note: The procedures performed should address the risks of material misstatement associated with the company's intercompany accounts.

Evaluating Whether the Company Has Properly Identified Its Related Parties and Relationships and Transactions with Related Parties

.14 The auditor should evaluate whether the company has properly identified its related parties and relationships and transactions with related parties. Evaluating whether a company has properly identified its related parties and relationships and transactions with related parties involves more than assessing the process used by the company. This evaluation requires the auditor to perform procedures to test the accuracy and completeness of the related parties and relationships and transactions with related parties identified by the company, taking into account the information gathered during the audit.15 As part of this evaluation, the auditor should read minutes of the meetings of stockholders, directors, and committees of directors, or summaries of actions of recent meetings for which minutes have not yet been prepared.

Note: Appendix A contains examples of information and sources of information that may be gathered during the audit that could indicate that related parties or relationships or transactions with related parties previously undisclosed to the auditor might exist.

.15 If the auditor identifies information that indicates that related parties or relationships or transactions with related parties previously undisclosed to the auditor might exist, the auditor should perform the procedures necessary to determine whether previously undisclosed relationships or transactions with related parties, in fact, exist.16 These procedures should extend beyond inquiry of management.

.16 If the auditor determines that a related party or relationship or transaction with a related party previously undisclosed to the auditor exists, the auditor should:

Inquire of management regarding the existence of the related party or relationship or transaction with a related party previously undisclosed to the auditor and the possible existence of other transactions with the related party previously undisclosed to the auditor;

Evaluate why the related party or relationship or transaction with a related party was previously undisclosed to the auditor;17

Promptly communicate to appropriate members of the engagement team and other auditors participating in the audit engagement relevant information about the related party or relationship or transaction with the related party;

Assess the need to perform additional procedures to identify other relationships or transactions with the related party previously undisclosed to the auditor;

Perform the procedures required by paragraph .12 of this standard for each related party transaction previously undisclosed to the auditor that is required to be disclosed in the financial statements or determined to be a significant risk; and

Perform the following procedures, taking into account the information gathered from performing the procedures in a. through e. above:

Evaluate the implications on the auditor's assessment of internal control over financial reporting, if applicable;

Reassess the risk of material misstatement and perform additional procedures as necessary if such reassessment results in a higher risk;18 and

Evaluate the implications for the audit if management's nondisclosure to the auditor of a related party or relationship or transaction with a related party indicates that fraud or an illegal act may have occurred. If the auditor becomes aware of information indicating that fraud or another illegal act has occurred or might have occurred, the auditor must determine his or her responsibilities under AS 2401.79-.82, AS 2405, Illegal Acts by Clients, and Section 10A of the Securities Exchange Act of 1934, 15 U.S.C. §78j-1.

Evaluating Financial Statement Accounting and Disclosures

.17 The auditor must evaluate whether related party transactions have been properly accounted for and disclosed in the financial statements. This includes evaluating whether the financial statements contain the information regarding relationships and transactions with related parties essential for a fair presentation in conformity with the applicable financial reporting framework.19

Assertions That Transactions with Related Parties Were Conducted on Terms Equivalent to Those Prevailing in Arm's-Length Transactions

.18 If the financial statements include a statement by management that transactions with related parties were conducted on terms equivalent to those prevailing in an arm's-length transaction, the auditor should determine whether the evidence obtained supports or contradicts management's assertion. If the auditor is unable to obtain sufficient appropriate audit evidence to substantiate management's assertion, and if management does not agree to modify the disclosure, the auditor should express a qualified or adverse opinion.20

Note: Transactions with related parties might not be conducted on terms equivalent to those prevailing in arm's-length transactions (e.g., a company may receive services from a related party without cost). Except for routine transactions, it may not be possible for management to determine whether a particular transaction would have taken place, or what the terms and manner of settlement would have been, if the parties had not been related. Accordingly, it may be difficult for the auditor to obtain sufficient appropriate audit evidence to substantiate management's assertion that a transaction was consummated on terms equivalent to those that prevail in arm's-length transactions. A preface to a statement such as "management believes that" or "it is the company's belief that" does not change the auditor's responsibilities.

Communications with the Audit Committee

.19 The auditor should communicate to the audit committee the auditor's evaluation of the company's identification of, accounting for, and disclosure of its relationships and transactions with related parties.21 The auditor also should communicate other significant matters arising from the audit regarding the company's relationships and transactions with related parties including, but not limited to:

The identification of related parties or relationships or transactions with related parties that were previously undisclosed to the auditor;

The identification of significant related party transactions that have not been authorized or approved in accordance with the company's established policies or procedures;

The identification of significant related party transactions for which exceptions to the company's established policies or procedures were granted;

The inclusion of a statement in the financial statements that a transaction with a related party was conducted on terms equivalent to those prevailing in an arm's-length transaction and the evidence obtained by the auditor to support or contradict such an assertion; and

The identification of significant related party transactions that appear to the auditor to lack a business purpose.

Appendix A - Examples of Information and Sources of Information That May Be Gathered During the Audit That Could Indicate That Related Parties or Relationships or Transactions with Related Parties Previously Undisclosed to the Auditor Might Exist

.A1 This Appendix contains examples of information and sources of information that may be gathered during the audit that could indicate that related parties or relationships or transactions with related parties previously undisclosed to the auditor might exist. Specifically, paragraph .A2 of this Appendix contains examples of information that could indicate that related parties or relationships or transactions with related parties previously undisclosed to the auditor might exist. Similarly, paragraph .A3 contains examples of sources that could contain such information. The examples contained in this Appendix are not intended to represent a comprehensive listing.

.A2 The following are examples of information that may be gathered during the audit that could indicate that related parties or relationships or transactions with related parties previously undisclosed to the auditor might exist:

Buying or selling goods or services at prices that differ significantly from prevailing market prices;

Borrowing or lending on an interest-free basis or with no fixed repayment terms;

Occupying premises or receiving other assets or rendering or receiving management services when no consideration is exchanged;

Engaging in a nonmonetary transaction that lacks commercial substance;

Sales without economic substance (e.g., funding the other party to the transaction to facilitate collection of the sales price, or entering into a transaction shortly prior to period end and unwinding that transaction shortly after period end);

Loans to parties that, at the time of the loan transaction, do not have the ability to repay and possess insufficient or no collateral;

Loans made without prior consideration of the ability of the party to repay;

A subsequent repurchase of goods that indicates that at the time of sale an implicit obligation to repurchase may have existed that would have precluded revenue recognition or sales treatment;

Advancing company funds that are used directly or indirectly to pay what would otherwise be an uncollectible loan or receivable;

Sales at below market rates to an intermediary whose involvement serves no apparent business purpose and who, in turn, sells to the ultimate customer at a higher price, with the intermediary (and ultimately its principals) retaining the difference;

Guarantees and guarantor relationships outside the normal course of business; or

Transactions between two or more entities in which each party provides and receives the same or similar amounts of consideration (e.g., round-trip transactions).

.A3 The following are examples of sources of information that may be gathered during the audit that could indicate that related parties or relationships or transactions with related parties previously undisclosed to the auditor might exist:

Periodic and current reports, proxy statements, and other relevant company filings with the SEC and other regulatory agencies;

Disclosures contained on the company's website;

Confirmation responses and responses to inquiries of the company's lawyers;

Tax filings and related correspondence;

Invoices and correspondence received from the company's professional advisors, for example, attorneys and consulting firms;

Records of the company's investments, pension plans, and other trusts established for the benefit of employees, including the names of the officers and trustees of such investments, pension plans, and other trusts;

Contracts or other agreements (including, for example, partnership agreements and side agreements or other arrangements) with management;

Significant contracts renegotiated by the company during the period under audit;

Records from a management, audit committee, or board of directors' whistleblower program;

Expense reimbursement documentation for executive officers; or

The company's organizational charts.

Footnotes (AS 2410 - Related Parties):

1 The auditor should look to the requirements of the U.S. Securities and Exchange Commission for the company under audit with respect to the accounting principles applicable to that company, including the definition of the term "related parties" and the financial statement disclosure requirements with respect to related parties.

2See, e.g., paragraphs .30-.31 of AS 2810, Evaluating Audit Results. See also paragraph .04 of AS 2815, The Meaning of "Present Fairly in Conformity with Generally Accepted Accounting Principles."

3See, e.g.,AS 2110.18, which requires the auditor to obtain a sufficient understanding of each component of internal control over financial reporting to (a) identify the types of potential misstatements, (b) assess the factors that affect the risks of material misstatement, and (c) design further audit procedures. See also AS 2110.20, which states that obtaining an understanding of internal control includes evaluating the design of controls that are relevant to the audit and determining whether the controls have been implemented.

4See also AS 2805, Management Representations. Obtaining such representations from management complements the performance of procedures in paragraph .05 and is not a substitution for those inquiries.

5 Examples of "others" within the company who may have such knowledge include: personnel in a position to initiate, process, or record transactions with related parties and those who supervise or monitor such personnel; internal auditors; in-house legal counsel; the chief compliance/ethics officer or person in equivalent position; and the human resources director or person in equivalent position.

6For purposes of this standard, the phrase "related parties or relationships or transactions with related parties previously undisclosed to the auditor" includes, to the extent not disclosed to the auditor by management: (1) related parties; (2) relationships or transactions with known related parties; and (3) relationships or transactions with previously unknown related parties.

7 The term "audit committee" has the same meaning as the term used in AS 1301, Communications with Audit Committees.

8 This communication, which can be more effective when it occurs at an early stage of the audit, complements the discussion among engagement team members regarding risks of material misstatement in accordance with AS 2110.49. See also paragraph .05 of AS 1201, Supervision of the Audit Engagement, which establishes requirements regarding supervision of the engagement team members, including directing engagement team members to bring significant accounting and auditing issues arising during the audit to the attention of the engagement partner or other engagement team members performing supervisory activities.

9See AS 1205, Part of the Audit Performed by Other Independent Auditors,whichdescribes the auditor's responsibilities regarding using the work and reports of other independent auditors who audit the financial statements of one or more subsidiaries, divisions, branches, components, or investments included in the financial statements.

11See paragraph .03 of AS 2301, The Auditor's Responses to the Risks of Material Misstatement.

12See generally, AS 2301 and paragraph .17 of AS 1105, Audit Evidence, which provides that inquiry of company personnel, by itself, does not provide sufficient audit evidence to reduce audit risk to an appropriately low level for a relevant assertion or to support a conclusion about the effectiveness of a control.

13 Information gathered while obtaining an understanding of the company also might assist the auditor in identifying agreements prohibiting or restricting related party transactions (for example, loans or advances to related parties).

14 Examples of information that might be relevant to the auditor's evaluation of a related party's financial capability include, among other things, the audited financial statements of the related party, reports issued by regulatory agencies, financial publications, and income tax returns of the related party, to the extent available.

15 Information obtained from identifying and evaluating a company's significant unusual transactions and obtaining an understanding of a company's financial relationships and transactions with its executive officers could indicate that related parties or relationships or transactions with related parties previously undisclosed to the auditor might exist.

16See AS 1105.29, which states that if audit evidence obtained from one source is inconsistent with that obtained from another, or if the auditor has doubts about the reliability of information to be used as audit evidence, the auditor should perform the audit procedures necessary to resolve the matter and should determine the effect, if any, on other aspects of the audit.

17See AS 2805.04, which states that if a representation made by management is contradicted by other audit evidence, the auditor should investigate the circumstances and consider the reliability of the representation made. Based on the circumstances, the auditor should consider whether his or her reliance on management's representations relating to other aspects of the financial statements is appropriate and justified.

18See AS 2110.74, which states that when the auditor obtains audit evidence during the course of the audit that contradicts the audit evidence on which the auditor originally based his or her risk assessment, the auditor should revise the risk assessment and modify planned audit procedures or perform additional procedures in response to the revised risk assessments.

20See AS 2805.06l, which requires the auditor to obtain written representations from management if the financial statements include such an assertion. Representations from management alone are not sufficient appropriate audit evidence. See also paragraphs .18–.19 of AS 3105, Departures from Unqualified Opinions and Other Reporting Circumstances.

21See AS 1301 regarding the timing of the communications to the audit committee.